CVE-2026-8244

5.3 MEDIUM

A vulnerability was identified in Industrial Application Software IAS Canias ERP 8.03

Published: 2026-05-10 · Last updated: 2026-05-18

Severity and scoring

CVSS: 5.3 MEDIUM
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
CWE: CWE-287

Description

A vulnerability was identified in Industrial Application Software IAS Canias ERP 8.03. This impacts an unknown function of the component Login RMI Interface. The manipulation of the argument clientVersion leads to improper authentication. It is possible to initiate the attack remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way.

Source: NVD

References

[NVD]https://nvd.nist.gov/vuln/detail/CVE-2026-8244
[Other]https://gist.github.com/0xb1lal/758bbc5e4d82efea248e675da934ac69
[Other]https://hawktrace.com/blog/caniaserp
[Other]https://vuldb.com/submit/808326
[Other]https://vuldb.com/vuln/362460
[Other]https://vuldb.com/vuln/362460/cti

Related CVEs

Same CWE

CVE-2026-48780 — Forem is open source software for building communities (8.2 HIGH)
CVE-2026-48114 — Metacat is data repository software that helps researchers preserve, share, and discover data (9.8 CRITICAL)
CVE-2026-12183 — Nefteprodukttekhnika BUK TS-G Gas Station Automation System 2.9.1 through 2.10.2 on Linux contains an Improper Authentication vulnerabili... (9.8 CRITICAL)
CVE-2026-50623 — An authentication bypass vulnerability exists in the OAuth2 TokenIntrospectionService in Apache CXF (4.8 MEDIUM)
CVE-2026-48611 — Improper authentication checks in the OAuth implementation allow account hijacking even when OAuth is not configured or enabled leading t... (9.8 CRITICAL)